DockerImageUpdateAutobuild #86


%YAML 1.1
name: 'DockerImageUpdateAutobuild'
# Adapted from
# The trigger on 'schedule' allows to run daily. Time is in UTC declared in cron syntax.
# The scheduled jobs run only on the default branch.
- cron: '37 2 * * *'
runs-on: 'ubuntu-latest'
target: [ 'otobo-web', 'otobo-nginx-webproxy', 'otobo-nginx-kerberos-webproxy' ]
docker_tag: [ 'latest-10_0-autobuild', 'latest-10_1-autobuild', 'latest-11_0-autobuild' ]
# the latest release for every release branch - has to be updated
docker_tag: 'latest-10_0-autobuild'
patch: 'rel-10_0_22'
docker_tag: 'latest-10_1-autobuild'
patch: 'rel-10_1_11'
docker_tag: 'latest-11_0-autobuild'
patch: 'rel-11_0_7'
# otobo-web uses different base images in the different release branches
target: 'otobo-web'
docker_tag: 'latest-10_0-autobuild'
base_image: 'perl:5.32-buster'
target: 'otobo-web'
docker_tag: 'latest-10_1-autobuild'
base_image: 'perl:5.36-bookworm'
target: 'otobo-web'
docker_tag: 'latest-11_0-autobuild'
base_image: 'perl:5.38-bookworm'
# otobo-nginx-kerberos-webproxy uses different dockerfiles in 10.0 and 10.1
target: 'otobo-nginx-kerberos-webproxy'
docker_tag: 'latest-10_0-autobuild'
dockerfile: 'otobo.nginx-kerberos.dockerfile'
target: 'otobo-nginx-kerberos-webproxy'
docker_tag: 'latest-10_1-autobuild'
dockerfile: 'otobo.nginx-kerberos.dockerfile'
target: 'otobo-nginx-kerberos-webproxy'
docker_tag: 'latest-11_0-autobuild'
dockerfile: 'otobo.nginx.dockerfile'
# common info for every target; for nginx this includes the base imagie
target: 'otobo-web'
dockerfile: 'otobo.web.dockerfile'
context: '.'
repository: 'rotheross/otobo'
target: 'otobo-nginx-webproxy'
dockerfile: 'otobo.nginx.dockerfile'
context: 'scripts/nginx'
repository: 'rotheross/otobo-nginx-webproxy'
base_image: 'nginx:mainline'
target: 'otobo-nginx-kerberos-webproxy'
context: 'scripts/nginx'
repository: 'rotheross/otobo-nginx-kerberos-webproxy'
base_image: 'nginx:mainline'
- name: Setting up the environment file
run: |
patch=${{ matrix.patch }}
docker_tag=${{ matrix.docker_tag }}
build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
echo "otobo_branch=${patch}"
echo "otobo_docker_tag=${docker_tag}"
echo "otobo_ref=${{ matrix.repository }}:${docker_tag}"
echo "otobo_base_image=${{ matrix.base_image }}"
echo "otobo_build_date=${build_date}"
name: Info
run: |
echo "Checking base image ${{ env.otobo_base_image }} of image ${{ env.otobo_ref }}"
# this step sets ${{ steps.check.outputs.needs-updating }}
name: Check whether base image was updated
id: check
uses: lucacome/docker-image-update-checker@v2
base-image: ${{ env.otobo_base_image }}
image: ${{ env.otobo_ref }}
# print the result in any case
name: Report the check result
run: |
echo "The OTOBO web image needs updating: ${{ steps.check.outputs.needs-updating }}"
name: Set up Docker Buildx
if: steps.check.outputs.needs-updating == 'true'
uses: docker/setup-buildx-action@v3
name: 'check out the relevant OTOBO branch'
if: steps.check.outputs.needs-updating == 'true'
uses: actions/checkout@v4
ref: ${{ env.otobo_branch }}
# needed for build arg GIT_COMMIT
# can't use github.sha here as we need the commit of the checked out branch
name: 'get the commit SHA of the current checkout'
if: steps.check.outputs.needs-updating == 'true'
run: echo "otobo_commit=$(git log -1 '--format=format:%H')" >> $GITHUB_ENV
# build the image, not pushing yet, no pushing as DockerHub access is not set up yet
# Caching with Github Actions Cache, limited to 10 GB
# context: . indicates that the current checkout is used
name: Build
if: steps.check.outputs.needs-updating == 'true'
uses: docker/build-push-action@v6
load: true
context: ${{ matrix.context }}
file: ${{ matrix.dockerfile }}
pull: true
build-args: |
BUILD_DATE=${{ env.otobo_build_date }}
DOCKER_TAG=${{ env.otobo_docker_tag }}
GIT_REPO=${{ github.repositoryUrl }}
GIT_BRANCH=${{ env.otobo_branch }}
GIT_COMMIT=${{ env.otobo_commit }}
target: ${{ }}
tags: ${{ env.otobo_ref }}
cache-from: type=gha
cache-to: type=gha,mode=max
# otobo_first_time hasn't run yet, so /opt/otobodockerupdatetest is still empty
name: Info
if: ${{ steps.check.outputs.needs-updating == 'true' && == 'otobo-web' }}
run: |
docker run --rm -w /opt/otobo_install/otobo_next --entrypoint /bin/bash $otobo_ref -c "more git-repo.txt git-branch.txt git-commit.txt RELEASE | cat"
# login to Docker Hub only after the build
name: Login to Docker Hub
if: steps.check.outputs.needs-updating == 'true'
uses: docker/login-action@v3
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# finally upload to DockerHub
# the built image is already available in the job
name: Push to DockerHub
if: steps.check.outputs.needs-updating == 'true'
uses: docker/build-push-action@v6
push: true
context: ${{ matrix.context }}
file: ${{ matrix.dockerfile }}
pull: true
build-args: |
BUILD_DATE=${{ env.otobo_build_date }}
DOCKER_TAG=${{ env.otobo_docker_tag }}
GIT_REPO=${{ github.repositoryUrl }}
GIT_BRANCH=${{ env.otobo_branch }}
GIT_COMMIT=${{ env.otobo_commit }}
target: ${{ }}
tags: ${{ env.otobo_ref }}
cache-from: type=gha
cache-to: type=gha,mode=max